Security, is there an app for that? EU’s cyber-security agency highlights risks & opportunities of smartphones

Written by Ct R. Hamith

Monday, 18 April 2011 07:02

A new ENISA report identifies the top security risks and opportunities of smartphone use and gives practical security advice for businesses, consumers and governments. Top risks include spyware, poor data cleansing when recycling phones, accidental data leakage, and unauthorised premium-rate phonecalls and SMSs.

Worldwide smartphone sales doubled last year (Gartener) and 80 million were sold worldwide in Q3 2010 alone: ENISA’s new report on smartphone security risks and opportunities is timely. If you are one of the hundreds of millions of smartphone users worldwide, you probably spend more time with your phone than your spouse: with its array of applications and sensors, it may even know more about you. These new life-partners are now an essential tool across all sections of society, from top government officials to business and consumers. They are famous for their diversity of functions; a smartphone can be contactless wallet, a camera/videophone, a barcode reader, an email client, or a way of accessing social networks.

“Given the growing importance of smartphones for EU businesses, governments and citizens, we consider it essential to assess their security and privacy implications.”Says Prof. Dr. Udo Helmbrecht, Executive Director of ENISA.

In its new report, ENISA analyses the key security opportunities and risks. Some of the key risks are:

In terms of opportunities, backup is often very well integrated into smartphone platforms, making it easy to recover data if the phone is lost or stolen. Another opportunity lies in the use of app stores: “Most smartphone users only install 3rd party software through controlled software distribution channels.” Says Dr. Marnix Dekker co-author of the report.

The most important result of the report is a comprehensive set of strategies for securing smartphones. “Smartphones are goldmine of sensitive and personal information – it’s vital to understand how to maintain our control over this data. We’ve designed our recommendations to plug into a typical security policy” says Dr. Giles Hogben, co-author of the report.

The report has recommendations for business, top officials and consumers – and for dealing with security risks of mixing these roles.